Create a directory for scripts that are useful to maintainers, and may be
invoked as part of the CI, but are not part of the normal build.
These scripts may require a recent Python version and may require additional
third-party modules, unlike user-facing scripts where we try to minimize
requirements.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
XOF operations are not available on every branch, so their serialization
code needs to be compiled conditionally on the availability of the type.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use NIST test vectors. I copied the first test case for each parameter set.
For ML-KEM and ML-DSA, I did it manually. For SLH-DSA, I used the following
Python script:
```
<gen-val/json-files/SLH-DSA-keyGen-FIPS205/internalProjection.json python -c '
import json, re, sys
data = json.load(sys.stdin)
types = {family: {} for family in ["SHA2_F", "SHA2_S", "SHAKE_F", "SHAKE_S"]}
for group in data["testGroups"]:
t = group["tests"][0]
m = re.match(r"SLH-DSA-(\w+)-([0-9]+)(\w+)", group["parameterSet"])
type = m.group(1) + "_" + m.group(3).upper()
size = m.group(2)
prv = t["skSeed"] + t["skPrf"] + t["pkSeed"] + t["pk"]
pub = t["pkSeed"] + t["pk"]
types[type][size] = (prv, pub)
for type in sorted(types.keys()):
print("")
print(f" # https://github.com/usnistgov/ACVP-Server/blob/v1.1.0.41/gen-val/json-files/SLH-DSA-keyGen-FIPS205/internalProjection.json")
print(f" \x27SLH_DSA(PSA_SLH_FAMILY_{type})\x27: {{")
for size in sorted(types[type].keys()):
entry = types[type][size]
print(f" {size}: (\"{entry[0]}\",")
print(f" \"{entry[1]}\"),")
print(f" }},")
'
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Define the necessary new categories (key wrap, key encapsulation, XOF).
This completes the list of mechanisms in the PSA Crypto API version 1.4,
except for PAKE that are more challenging (family parametrization, need to
find sample keys in `asymmetric_key_data.py`), and except for the PQC
extension.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add generated files that are no longer checked in.
Remove obsolete things (including things now covered at the framework root).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The files are now generated during the build. Stop having them in version
control.
As formerly in Mbed TLS, `make clean` doesn't remove
configuration-independent target-independent generated files, but the new
target `make neat` does.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We don't need to check those generated files into version control.
This fixes the problem that the generated files have precise knowledge of
the functions that exist on whatever branch of TF-PSA-Crypto is consuming
the framework.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
TF-PSA-Crypto no longer has `psa_can_do_hash()` (except as a temporary stub
to avoid breaking the build of psasim).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Initial work to eventually have the list of
scripts that generate files in the branches
that consume the framework.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The TLS 1.2 ClientHello function does not return
at the end in case of parsing error. Thus adapt
the server expected log in case of too small
fragments.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add a no-tls12-client-hello-defragmentation-support
argument to specify if TLS 1.2 Client Hello
defragmentation is fully supported or not.
This is temporary while the support is being added
in Mbed TLS development and 3.6 branches.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The mldsa-native and mlkem-native headers use preprocessor tricks to
construct identifiers. We can't recognize those. So f a symbol found in the
binary is in the expected sub-namespace for those parts of the library,
allow it to be undeclared.
Make the exception general enough for mldsa-native (needed now) and
mlkem-native (needed soon).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The pattern for internal macros was weird, in part, because of the unusual
short names we use in bignum code. Make the pattern stricter, but add an
exception mechanism. Declare an exception for those bignum names, but
allow them only in bignum code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
I needed that to understand how the data is represented (str vs Match, list
vs set vs tuple, ...).
No semantic change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use a typed namespace instead of a dictionary with heterogenously typed values.
No semantic change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine